Cyber Incident and Reporting Act
We’ve covered the shifting landscape of cyber threats at length in recent months, but the responsibility of attack victims is also a moving target. A recent Epstein, Becker & Green piece featured on JDSupra highlighted the newly broadened responsibilities in the Cyber Incident Reporting Act within the 2022 Consolidated Appropriations Act. This act, which will not go into effect for another 22-42 months, imposes four primary reporting requirements on covered entities who have been impacted by a covered cyber incident. While the clarification and coordination with existing regulations still need to be ironed out, it’s critical for organizations to monitor CISA rulemaking and prepare accordingly.
Understanding the Roles of Penetration Testing
Penetration testing is a critical cyber security posture assessment tool. It helps an organization identify weaknesses and vulnerabilities in the security of their systems and applications, allowing mitigation steps to be taken to avoid a cyber attack. An article from Trends Magazine briefly discusses the roles of penetration testing and how it can assist organizations in a variety of areas, including compliance issues, cyber attack prevention and improving important security protocols.
BakerHostetler Data Security Incident Response Report
BakerHostetler recently released its 2022 Data Security Incident Response Report, which provides a glimpse of the cyber market experience in 2021. While some of the trends within the report may be alarming (prevalence of ransomware, surge of vendor-related incidents), and there are significant concerns regarding the situation in Ukraine, there are signs of progress. The decreases Baker noted in the time to detect an intrusion and average ransom payout exemplify the proactive work organizations are doing to prepare for cyber attacks. The report closes with other trends that Baker and the broader industry have seen from a regulatory perspective and suggests ways to best navigate a regulatory environment that is attempting to keep us the evolving risk.
Understanding Log4j and Zero-Day Vulnerabilities
Log4j is an open-source error-logging library with several vulnerabilities leaving internet-connected devices open to remote attacks. In a new article from NetDiligence, Mark Greiser of NetDiligence interviews Yinan Yang, director of incident response with Crowdstrike, to discuss the risk of log4j vulnerabilities, what you don’t know and how to prepare for the next inevitable zero-day event. One of the most common log4j challenges is its zero-day situation and the fact that organizations cannot effectively mitigate the risk because they are not aware they have the software in use. Even if they did, it’s not certain they would be able to tell something was wrong before it was too late. For example, Microsoft Outlook, OneNote or other applications could have a component of log4j under the hood, which is why it’s challenging for organizations to understand if they have this risk in their environment.
RCM&D is here for you to help protect your cybersecurity. Talk to a trusted advisor today with any questions on these highlighted issues and beyond.
To subscribe to the RCM&D Cyber News Bytes Newsletter, click here.